A unified approach to mobile security
August 6, 2014
By Anne Heraghty, courtesy of SBAM Approved Partner Veracity
There is plenty of talk currently about mobile payments and the appeal of doing business transactions with mobile phones. Not only is this payments trend convenient for customers, it is also good for merchants who do work out in the field or who have online stores already in place that would easily transition into the mobile arena. There is a high likelihood that mobile payments will become more and more prevalent.
As a result, merchants of all sizes are becoming increasingly active in mobile marketing and encouraging sales to these mobile customers. Unfortunately, there’s a perception that mobile transactions are automatically safe— but that’s not necessarily true. Some mobile devices are easy to hack and many users are especially vulnerable because they tend to store lots of personal data on them. It’s critical to create the same layer of security for mobile as you do for all other transactions.
Information stolen from these devices might include sign-on details and other account data for your store, making it a snap for crooks to change account details and then place and direct fraudulent orders to their own location. Accordingly, you need to use exactly the same tools as you do in other channels to identify red flags from incoming mobile transactions —for example, multiple orders or cards from the same address, big ticket items, rush orders, new customers, and overseas orders.
Also, be aware that hacked mobile devices can be programmed to spoof their location. In other instances, some devices may not even yield geo-location details, so you can’t tell where it’s being used. Or, they may not store cookies that would verify previous business.
The best approach is to provide customers with your own mobile app with the same security level as your online store, including passwords, security questions, and data encryption.
Then, be sure that all your transactions go through the same back-end systems as your desktop/laptop and point of sale transactions. This “unified security” approach means that you can manage both mobile and other online transactions with the same level of scrutiny. It also streamlines the process of integrating data from all channels, including in-store and call center transactions, increasing the likelihood that you’ll spot fraud attempts much more quickly.
By taking these steps, you’re not only protecting yourself against fraud, but also protecting your reputation. Customers will be more likely to use your mobile channel if they feel safe there. Contact us with your mobile security questions: (888) 599-2209.